Security Engineer- Product Security
Security engineers at Spotify help protect the security of our platform and the experience of more than 700 million users around the world. We're looking for an experienced engineer to join us in securing some of Spotify’s most important engineering initiatives.
You’ll work across product and infrastructure security, partnering with autonomous development and platform teams to build secure systems at scale. We’re a distributed team that combines deep security expertise with practical tooling and guidance, helping engineers move quickly while continuously strengthening Spotify’s security posture. We value curiosity, collaboration, and a willingness to both teach and learn from others.
You bring experience in security, software, or systems engineering and enjoy solving complex technical challenges. In this role, you’ll represent security across a variety of engineering and business contexts, so you’re comfortable communicating with diverse audiences and translating security concepts into practical outcomes.
What You'll Do
Champion and contribute to the development and implementation of security best practices, standards, and automated tooling for secure development and deployment across Spotify’s infrastructure and platforms, including AI-driven development.
Partner closely with teams across the company to integrate security throughout the software development lifecycle, from ideation and design through deployment and monitoring.
Consult, educate, and advocate for practical security approaches with groups of varying sizes, disciplines, and experience levels.
Drive cross-disciplinary initiatives that improve the security of Spotify’s engineering ecosystem and the products we build.
Conduct threat modeling, security reviews, and risk assessments across Spotify’s diverse range of generative AI and non-AI systems and platforms.
Evaluate, prototype, and integrate security solutions and tools that improve security outcomes and developer experience at scale.
Stay current with the rapidly evolving landscape of AI security threats, academic research, vulnerabilities, and mitigation strategies relevant to Spotify’s scale and domain.
Contribute to security incident response activities involving Spotify platforms and systems, helping strengthen our detection, response, and remediation capabilities.
Who You Are
You have 3+ years of hands-on experience in security engineering or a related technical field.
You are comfortable writing code to integrate security tools and automate workflows using modern software development practices.
You have expertise in one or more domains such as backend development, AI/ML systems, distributed computing, CI/CD platforms, cloud infrastructure, or developer platforms.
You have a strong foundation in security concepts including cryptography, threat modeling, secure design, and software security.
You are comfortable working with diverse stakeholders and communicating security concepts to both technical and non-technical audiences.
You have experience working in agile environments and can adapt quickly to changing priorities and evolving challenges.
You can read and write code in one or more languages such as Java, Python, Scala, C++, or TypeScript.
You have experience applying generative AI tools to security and software engineering challenges.
You have a strong understanding of common security risks, attack vectors, and vulnerabilities relevant to AI and machine learning systems, and how to mitigate them.
You have experience integrating security tooling into large-scale production environments.
You are familiar with modern agentic AI frameworks and emerging AI development patterns.
You care about building secure systems while enabling engineers to move quickly and confidently.
Where You'll Be
This role is based in London, United Kingdom or Stockholm, Sweden.
We offer you the flexibility to work where you work best! There will be some in person meetings, but still allows for flexibility to work from home.